In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
CVE-2020-26266 - Medium Severity Vulnerability
Vulnerable Library - TensorIOTensorFlow-2.0.8
An unofficial build of TensorFlow for iOS used by TensorIO, supporting inference, evaluation, and training.
Library home page: https://storage.googleapis.com/tensorio-build/ios/release/2.0/xcodebuild/12C33/tag/2.0.8/pod/TensorIO-TensorFlow-2.0_8.tar.gz
Path to dependency file: tensorio-ios/TensorFlowExample/Podfile.lock
Path to vulnerable library: tensorio-ios/TensorFlowExample/Podfile.lock,tensorio-ios/SwiftTensorFlowExample/Podfile.lock
Dependency Hierarchy: - TensorIO/TensorFlow-1.2.5 (Root Library) - :x: **TensorIOTensorFlow-2.0.8** (Vulnerable Library)
Found in HEAD commit: 76806a6a9f6436a3277b2166d60d97e52cac02c7
Found in base branch: master
Vulnerability Details
In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.
Publish Date: 2020-12-10
URL: CVE-2020-26266
CVSS 3 Score Details (5.3)
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low
For more information on CVSS3 Scores, click here.